DXS International, a key NHS software provider, experienced a cybersecurity breach affecting its internal systems but claimed clinical services remained operational. UK health tech supply chain attacks highlight ongoing risks; investigations continue and no patient data compromise has been confirmed yet. #DXSInternational #NHS #CyberAttack #HealthTech #ICO…
Tag: CRITICAL INFRASTRUCTURE
In November 2025, AhnLab’s report summarizes confirmed counts of affected systems, DLS-based ransomware statistics, and notable incidents in Korea and abroad, with data collected via AhnLab TIP and ATIP. The report highlights active campaigns from established and emerging ransomware groups and provides trends by country, industry, and DLS/detection statistics. #Clop #Akira…
The MS13-089 ransomware group has claimed to have breached multiple organizations across different sectors, releasing sensitive data on its dark web leak site. The claimed breaches include medical and financial entities, exposing personal and corporate information. #MS13-089 #DarkWebLeaks…
The FBI, in collaboration with international partners, has dismantled the E-Note cryptocurrency exchange, which was used for laundering over $70 million linked to cybercrime activities such as ransomware and account takeovers. This operation highlights the global effort to combat transnational cybercriminal infrastructure and money laundering networks. #FBI #E-Note #cryptocurrency #ransomware #moneylaundering…
The FBI and international law enforcement agencies shut down the cryptocurrency exchange E-Note, which facilitated over $70 million in illicit transactions related to ransomware and cyberattacks. The operation targeted a Russian national, Mykhalio Chudnovets, who operated E-Note and had been involved in money laundering since 2010. #E-Note #MykhalioChudnovets…
SonicWall has issued a warning about a critical security vulnerability in the SMA1000 Appliance Management Console (AMC) that has been exploited in zero-day attacks. Users are urged to upgrade to the latest hotfix to mitigate the risk of remote code execution and privilege escalation. #SonicWall #CVE2025-40602 #ZeroDayExploits
This article details a critical vulnerability in Hitachi Energy’s AFS, AFR, and AFF series that can lead to data integrity issues and system disruptions. The flaw involves a forgery attack on the RADIUS protocol, affecting multiple product versions worldwide. #HitachiEnergy #CVE-2024-3596…
This article discusses a vulnerability in Mitsubishi Electric’s GT Designer3 software that allows attackers to obtain plaintext credentials from project files, potentially leading to unauthorized operation of GOT2000 and GOT1000 series devices. Protective measures and best practices are recommended to mitigate the risks associated with this vulnerable software. #CVE-2025-11009 #CWE-312 #MitsubishiElectric…
A Russia-linked hacker group has been exploiting vulnerabilities in edge devices of critical infrastructure sectors since 2021, focusing on credential harvesting and lateral movement. The campaign is linked to Russia’s GRU and aims mainly at energy, telecommunications, and cloud organizations in North America, Europe, and the Middle East. #Sandworm #GRU…
A recent report highlights a strategic shift in Russian state-sponsored cyber operations from exploiting software vulnerabilities to targeting misconfigured network edge devices. This tactic allows persistent access to critical infrastructure sectors such as energy and telecommunications. #Sandworm #GRU…
Amazon’s Threat Intelligence team has identified and disrupted operations linked to Russian GRU hackers targeting cloud infrastructure, especially in Western critical sectors like energy. The threat actors shifted from exploiting vulnerabilities to focusing on misconfigured devices, aiming for persistent access and credential theft. #GRU #Sandworm #AWSecurity #Cyberespionage
Amazon’s threat intelligence has revealed a prolonged Russian state-sponsored campaign targeting Western critical infrastructure from 2021 to 2025. The campaign primarily exploited misconfigured network edge devices and leveraged vulnerabilities to harvest credentials and gain persistent access, with connections to GRU-linked groups like APT44 and Sandworm. #GRU #APT44…
Andrew Garbarino discusses the importance of renewing key cybersecurity legislation and emphasizes the need for offensive cyber capabilities in national strategy. He also highlights ongoing investigations into Chinese hacking groups and the emerging threats from artificial intelligence. #CybersecurityInformationSharingAct #SaltTyphoon #VoltTyphoon #Anthropic #CyberThreats…
Russian government hackers, specifically the group APT44, are increasingly targeting Western energy sectors by exploiting misconfigured network edge devices rather than vulnerabilities in software. These attacks demonstrate a strategic shift towards passive data collection and credential harvesting, emphasizing the importance of proper device configuration in cybersecurity defenses. #APT44 #Sandworm #RussianCyberThreats #CriticalInfrastructure…
CISO communities have grown rapidly, providing a trusted and secure environment for cybersecurity executives to share insights, support, and collaborate in real-time. These peer groups help strengthen defenses, share threat intelligence, and address mental health challenges in the cybersecurity industry. #CISOCommunities #ThreatSharing…